BeyondTrust & Palo Alto Networks

Advanced Threat Protection and Enhanced Security

Correlating application and malware data from Palo Alto Networks Next-Generation Firewalls with user and asset information from BeyondTrust PowerBroker and Retina gives organizations a clear picture of their risk, enabling them to focus on what’s most important.

With the mainstream adoption of cloud, virtual and mobile platforms, the rise of the application economy, and the escalating velocity and ferocity of threat activity, it’s no surprise that getting a true picture of enterprise risk requires data – lots and lots of data. Unfortunately, it can be difficult to gain a clear picture of risk within these volumes of data.

The daily flood of data has some organizations scratching their heads and asking questions like, “How can I make sense of it all?” Or more importantly, “How will I prioritize my most critical threats so that I can respond quickly to incidents?” Uncertainty like this is what’s driving the need for platforms that correlate seemingly disparate pieces of data into definitive and actionable security intelligence.

Unite Asset, Threat and User Data

The integration between Palo Alto Networks Next-Generation Firewalls and BeyondTrust BeyondInsight IT Risk Management Platform brings together Palo Alto Networks application and threat data with privilege and vulnerability information from BeyondTrust PowerBroker and Retina.

BeyondInsight & Palto Alto

Activating the Palo Alto Networks connector within BeyondInsight

Normalized Threat

Palo Alto Networks data normalization by BeyondInsight prior to Clarity analytics

Key Benefits

Discover Hidden Threats: Cluster like assets with similar attributes and threat levels to identify outliers and spot anomalies that signal critical risks.

Increase Confidence: BeyondInsight eliminates security gaps by correlating vulnerability, attack, malware, and user behavior data collected from BeyondTrust and Palo Alto Networks.

Expand Situational Awareness: Taken individually, many events may be written off as low-risk occurrences. However, when looked at holistically, these incidents can spell big trouble.

Maximize Security Investment: Coordinate your cyber defenses, synchronize their intelligence, and automate interactions to ensure you’re getting the most from your security.

Automate Intelligence: Perform advanced user and asset behavioral analytics, and communicate risk without requiring “eyes-on” monitoring or manual interaction.

The BeyondInsight IT Risk Management Platform

The BeyondInsight platform delivers a comprehensive view of the vulnerabilities that provide doors into an environment, as well as the privileges that present corridors to sensitive assets. This fusion of asset and user intelligence enables IT and Security to collectively:

  • Reduce user-based risk and mitigate threats
  • Address security exposures across large, diverse IT environments
  • Comply with internal, industry and government mandates

This powerful combination enables IT and security teams to collaboratively make least privilege and security decisions based on a comprehensive set of risk vectors. As a result, they are better able to determine what to fix first, what to fix next, and why.

Top 10 Threats

BeyondInsight advanced threat analytics dashboard

Pinpoint High-Risk Assets & Uncover Anomalies

BeyondInsight uses patent-pending technology to group assets with similar profiles and similar threat levels. It automatically links Palo Alto Networks events to assets and translates them into attack or malware threats. BeyondInsight then correlates this data with user and application information, as well as additional vulnerability, malware and attack data, to provide an advanced profile of user behavior and potential risks. Here’s how it works:

Vulnerabilities found by Palo Alto Networks Next-Generation Firewalls are correlated with Retina Vulnerability Assessment scans and recorded per asset for reporting, workflow, and analytics.

Malware discovered by Palo Alto Networks are linked to asset communications and trigger advanced analytics based on application and user behavior.

Attacks detected by Palo Alto Networks are processed against assets to determine the presence of advanced threats or false positives, or if an active attack was blocked.

BeyondInsight uses patent-pending technology to group assets with similar profiles and similar threat levels. Assets with like qualities will appear in high-density clusters, while outliers will appear alone, or with only a few assets – pinpointing high-risk users and assets and uncovering anomalies that signal critical risks.

BeyondInsight includes dozens of connectors to network, mobile and cloud-based IT and security solutions. These certified integrations allow organizations to share application, asset, user, and threat information between systems to gain a comprehensive view of risk.

Stop trying to defend against 21st Century attacks in isolation. Your adversaries are too smart, well-funded and determined to be turned away by point solutions fraught with blind spots. With BeyondTrust and Palo Alto Networks, you can enlist the eyes and ears of your “security village,” automate their interactions, and coordinate their intelligence to quickly reveal and respond to hidden and emerging threats.

Read the complete Data Sheet!

document
Download Now